[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Firewall <-> CUPS





Holger Schletz schrieb:

Hi,

Your reply did not get posted to the list, so I will answer directly:

Sep 24 11:51:54 ptpp74 kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT=
MAC=00:50:fc:5c:dd:dc:00:d0:b7:93:ef:75:08:00 SRC=
141.30.17.195 DST=141.30.17.254 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=19456 DF PROTO=TCP SPT=51782 DPT=631 WINDOW=584
0 RES=0x00 SYN URGP=0 OPT (020405B40402080A0DEBEA270000000001030301)

But I cannot interpret what is going on.


It means that the machine 141.30.17.195 (SRC=...) tried to open a TCP connection (PROTO=TCP) to your machine (DST=141.30.17.254) on port 631 (DPT=631). The source address is not identical to the address you specified in your firewall config (141.30.17.91). Is this a typo?

I know for sure that the CUPS server is 141.30.17.91. But even if I
change the configuration to

    FW_TRUSTED_NETS="141.30.17.195,tcp,631"  ( The option was spelled
correclty, I have copied it in a uncomplete manner. )

the CUPS printer are not recognised.


BTW, the line W_TRUSTED_NETS="141.30.17.91,tcp,631" is misspelled in your post (must be "FW_TRUSTED_NETS=...", check your config file.

Check the IP addresses and tell me what you see.

Best regards,
Holger


Best regards,
Michael

--
_____________________________________________
Michael Graupner

Institute for Theoretical Physics
Dresden University of Technology
01062 Dresden
_____________________________________________




--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here